3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

733 commits

Author SHA1 Message Date
Shea Levy 7d1ddae58e nixos: evaluate assertions at toplevel, not at systemPackages
Fixes #2340
2014-04-22 14:09:02 -04:00
Eelco Dolstra 03d9e5cda0 sshd: Add support for socket activation
By enabling ‘services.openssh.startWhenNeeded’, sshd is started
on-demand by systemd using socket activation. This is particularly
useful if you have a zillion containers and don't want to have sshd
running permanently. Note that socket activation is not noticeable
slower, contrary to what the manpage for ‘sshd -i’ says, so we might
want to make this the default one day.
2014-04-22 17:38:54 +02:00
Eelco Dolstra baffee02b8 sshd: Always start a session
Partially reverts 70a4c7b1df. Whether to
start a session is independent of whether we're running in a
container.
2014-04-22 17:38:53 +02:00
Eelco Dolstra b4afe5b7bc dbus: Use upstream units 2014-04-22 17:38:53 +02:00
Eelco Dolstra fa3826dcf4 Ignore *.wants in systemd.packages for now 2014-04-22 17:38:53 +02:00
Eelco Dolstra 27a8cada79 openvpn: Add systemd startup notification
This causes OpenVPN services to reach the "active" state when the VPN
connection is up (i.e., after OpenVPN prints "Initialization Sequence
Completed"). This allows units to be ordered correctly after openvpn-*
units, and makes systemctl present a password prompt:

  $ start openvpn-foo
  Enter Private Key Password: *************

(I first tried to implement this by calling "systemd-notify --ready"
from the "up" script, but systemd-notify is not reliable.)
2014-04-22 13:14:58 +02:00
Shea Levy 2a4282c811 Revert "Merge branch 'dbus-switch-to-configuration'"
This seems to have combined badly with the systemd upgrade, we'll revert
for now and revisit after the 14.04 branch.

This reverts commit ad80532881, reversing
changes made to 1c5d3c7883.
2014-04-21 18:30:05 -04:00
Rickard Nilsson cfa5b5778c pulseaudio module: Use pid-file for system-wide daemon, add loglevel option 2014-04-21 23:22:11 +02:00
Rickard Nilsson 5db9287b7c rtkit: Update from 0.10 to 0.11 2014-04-21 23:22:10 +02:00
Ricardo M. Correia 5d5ca7b260 grsecurity: Update all patches
stable:  3.0-3.2.57-201404131252            -> 3.0-3.2.57-201404182109
test:    3.0-3.13.10-201404141717           -> 3.0-3.14.1-201404201132
vserver: 3.0-3.2.57-vs2.3.2.16-201404131253 -> 3.0-3.2.57-vs2.3.2.16-201404182110
2014-04-21 18:46:41 +02:00
Eelco Dolstra 19e9d25e8f Remove KDE 4.11 2014-04-21 18:13:17 +02:00
Oliver Charles ad80532881 Merge branch 'dbus-switch-to-configuration' 2014-04-21 13:09:14 +01:00
Shea Levy 1c5d3c7883 Merge branch 'modulesfix' of git://github.com/kirelagin/nixpkgs
ohci_pci is required in initrd since kernel 3.11
2014-04-21 07:51:31 -04:00
Kirill Elagin ca7978a09d ohci_pci is required in initrd since kernel 3.11 2014-04-21 15:42:05 +04:00
Oliver Charles 42ae633445 Merge branch 'master' into dbus-switch-to-configuration
Conflicts:
	nixos/modules/system/activation/switch-to-configuration.pl
2014-04-20 19:17:05 +01:00
Eelco Dolstra cf53152902 Fix GRUB 2 example
Fixes #1891.
2014-04-20 19:41:15 +02:00
Eelco Dolstra 4e8c2f0ff9 Merge branch 'systemd-update' 2014-04-20 19:31:01 +02:00
Eelco Dolstra 2fbb9aba43 Fix the installer test
http://hydra.nixos.org/build/10419676
2014-04-20 01:56:11 +02:00
Eelco Dolstra 37d5e9c455 Temporary fix for installer tests
http://hydra.nixos.org/build/10455979
2014-04-20 01:53:11 +02:00
Eelco Dolstra 0a256cc0ee Firewall: Only start if we have CAP_NET_ADMIN 2014-04-19 23:02:59 +02:00
Eelco Dolstra 4fb50f071f Manual: Typo fixes 2014-04-19 22:59:25 +02:00
William A. Kennington III 3ccf990372 pcscd: Refactor service and use socket activation 2014-04-19 14:37:31 +01:00
Eelco Dolstra 18a7ce76fc Enable udisks2 by default
The ability for unprivileged users to mount external media is useful
regardless of the desktop environment. Also, since udisks2 is
activated on-demand, it doesn't add any overhead if you're not using it.
2014-04-19 14:41:21 +02:00
Eelco Dolstra fa9ed04997 Restart polkit if its configuration may have changed 2014-04-19 14:29:02 +02:00
Eelco Dolstra 82535e0f8f switch-to-configuration: Check overrides.conf for X-* options 2014-04-19 14:28:33 +02:00
Eelco Dolstra b03a2f9e90 Set personality when running a 32-bit container on a 64-bit host 2014-04-19 13:14:51 +02:00
Eelco Dolstra 9f1c9404da Put /var/setuid-wrappers on a tmpfs
This allows all other filesystems to be mounted without the suid
option.
2014-04-19 12:40:09 +02:00
Eelco Dolstra 2a64b0a91b Shut up warning about resolv.conf missing 2014-04-19 12:34:59 +02:00
Eelco Dolstra fa1a46a01c setuid-wrapper: Fix broken string comparison 2014-04-19 10:58:30 +02:00
Eelco Dolstra b80e6b27c7 setuid-wrapper: Drop runtime dependency on setuid-wrapper.c 2014-04-19 10:53:17 +02:00
Eelco Dolstra a8aa9f3fd4 setuid-wrapper.c: Remove tabs 2014-04-19 10:53:05 +02:00
Eelco Dolstra e7ab051cda Disable predictable interface names in tests
Apparently systemd is now smart enough to figure out predictable names
for QEMU network interfaces. But since our tests expect them to be
named eth0/eth1..., this is not desirable at the moment.

http://hydra.nixos.org/build/10418789
2014-04-19 10:13:46 +02:00
Mathijs Kwik bf841cd892 Revert "systemd: oneshot units should be allowed to restart on failure/abort"
This reverts commit c1e638abb6.

As pointed out by wkennington, upstream disallows all cases as of v207
2014-04-18 21:42:22 +02:00
Eelco Dolstra 5ee5aa1b90 Make "nixos-container login" an alias of "machinectl login" 2014-04-18 20:47:31 +02:00
Eelco Dolstra 0121688424 gpm: Better start condition 2014-04-18 20:23:27 +02:00
Eelco Dolstra febb15f722 systemd: Enable keeping backlight / rfkill state across reboots 2014-04-18 19:37:15 +02:00
Eelco Dolstra 232a9caa96 Fix predictable network interface naming
In current systemd, this has been moved to systemd-network, which
we're not using yet. So revive the old udev rules from systemd 203.
2014-04-18 19:34:45 +02:00
Michael Raskin 7231b6b94e Merge pull request #2248 from ehmry/rsync
rsync updated 3.0.9 to 3.1.0, rsyncd service module
2014-04-18 10:17:08 -07:00
Eelco Dolstra 465d6ff572 Set $LOCALE_ARCHIVE in all systemd units
This variable used to be inherited implicitly from the stage-2 script,
but systemd now clears the environment. So we need to set it
explicitly.
2014-04-18 19:04:45 +02:00
Eelco Dolstra 313c38d5f1 switch-to-configuration: Handle systemctl output change 2014-04-18 19:04:45 +02:00
Eelco Dolstra 02b936189c Improve gpm service 2014-04-18 18:45:20 +02:00
Eelco Dolstra 48d90cf3b6 Revert "Put /nix/var/nix/{temproots,userpool} on a tmpfs"
This reverts commit dd49094a25. Nix
barfs if /nix/var/nix/temproots is a symlink :-(
2014-04-18 18:37:07 +02:00
Eelco Dolstra 1e540af43b Fix broken upstream user unit symlinks 2014-04-18 17:38:06 +02:00
Eelco Dolstra 85fdaed9de ssh-agent: Tweaks 2014-04-18 17:37:47 +02:00
Eelco Dolstra fec3bc85a6 postgresql: Use systemd's new "mixed" kill mode
"Mixed" mode sends the initial SIGINT only to the main process, but
sends the SIGKILL after the time-out expires to the entire cgroup.
2014-04-18 17:32:24 +02:00
Eelco Dolstra 16bba2db2e Use "machinectl poweroff" to shut down containers 2014-04-18 17:11:59 +02:00
Eelco Dolstra f9423208c2 Containers: Don't warn about not having a boot loader 2014-04-18 17:00:11 +02:00
Eelco Dolstra dd49094a25 Put /nix/var/nix/{temproots,userpool} on a tmpfs 2014-04-18 16:56:20 +02:00
Eelco Dolstra c13cede19d Remove long-obsolete /nix/var/nix/chroots directory 2014-04-18 16:50:37 +02:00
Eelco Dolstra 21573af9fb Containers: Use /etc/resolv.conf supplied by the host
This used to work with systemd-nspawn 203, because it bind-mounted
/etc/resolv.conf (so openresolv couldn't overwrite it). Now it's just
copied, so we need some special handling.
2014-04-18 16:48:11 +02:00